On Jun 7, 2011, at 11:07 AM, Sri Harsha Yalamanchili wrote:
> Not much luck using tcpdump either. We know, from both the query_log and
> tcpdump logging, that the queries are going out. But we never get a reply
> back. That's the confusing part. The Google DNS server replies back but not
> our o
The query-source address is nat'ed address inside the firewall. We opted
for that to make our firewall less porous but may be we should re-visit
that strategy.
The forwarder actually works. That was the primary/only DNS server we
were using until we decided to install our own internal dns and
On Fri, Jun 03, 2011 at 03:09:13PM -0700,
Sri Harsha Yalamanchili wrote
a message of 145 lines which said:
> o query-source address X.X.X.X port 53;
That's typically a very bad idea because it makes the source port
predictable and therefore makes you much more vulnerable to the
Kamin
3 matches
Mail list logo
